Each day, people throughout the nation and the world conduct thousands of transactions over the Internet. These transactions may be purchase transactions, such as buying goods or services from an Internet-based or retail merchant. These transactions may also be banking transactions, such as transferring funds between accounts or paying bills. Still other Internet-based or retail transactions may be money transfers to other persons. While the majority of people conduct legitimate business, a percentage of people attempt to conduct illegal or fraudulent transactions, such as using a stolen credit card number to make a purchase or fraudulent money transfer.
In some online transactions, the user may be required to input her account number (such as a credit card number, debit card number, stored value card number, account number held with a money transfer service provider, etc.), a security code associated with the transaction card, and/or her billing address. Unfortunately, all of this information might be acquired by stealing the user's transaction card and learning her address from one of many sources, such as the phonebook.
In other situations, possibly prior to using a website, a user may need to agree to an online contract (such as a “terms of use” agreement). This may require the user to acknowledge that she has viewed a particular document by electronically signing her name. However, as with many web-based entities, a criminal may easily “sign” someone else's name simply by typing it in or otherwise accepting the contract. In other instances, it may be preferable for a user to input data to a computer via handwriting. Again (particularly when the transaction is occurring remotely via the Internet), it may be difficult or impossible to verify that the person providing the handwriting is indeed who she says she is.
To reduce the number of fraudulent transactions, and increase security, an improved way of authenticating the identity of a user attempting to conduct transactions is needed. Further, any improvement for authenticating the user should be convenient and unobtrusive to the user.
The invention solves these and other problems.